Nairobi — Africa has become a testing ground for the world’s most advanced cyberattacks, according to Microsoft’s 2025 Digital Defense Report, which warns that artificial intelligence (AI), deepfakes, and digital impersonation are driving a new wave of threats across the continent.
The report, drawing from over 100 trillion daily security signals, shows that cybercriminals are increasingly using AI to enhance phishing schemes, impersonate trusted individuals, and exploit familiar digital platforms.
North African countries have emerged as key targets, while South Africa has become a hotspot for Business Email Compromise (BEC) infrastructure and money mule operations.
“Africa isn’t just a target — it’s a proving ground for the latest cyber threats,” said Kerissa Varma, Microsoft’s Chief Security Advisor for Africa. “Attackers are using AI to tailor phishing messages in local languages, mimic familiar figures, and weaponize everyday platforms.”
Follow us on WhatsApp | LinkedIn for the latest headlines
Microsoft’s investigation revealed that in 80 percent of incidents last year, data theft was the primary goal. Financially driven attacks pushed the total cost of cybercrime in Africa from Sh25 billion ($192 million) to Sh63 billion ($484 million), with the number of victims rising from 35,000 to 87,000, according to the World Economic Forum’s Cybercrime Impact Atlas 2025.
BEC has overtaken ransomware as the most financially damaging threat, accounting for 21 percent of successful attacks despite making up just two percent of total incidents. Criminals increasingly combine phishing, credential theft, and multi-factor authentication tampering to breach systems.
The report also details emerging tactics such as “ClickFix” scams — where users unknowingly run malicious code — and impersonation via Microsoft Teams to gain remote access under the guise of IT support.
AI has significantly amplified the impact of cybercrime. Microsoft found that AI-powered phishing now achieves a 54 percent click rate — 4.5 times higher than traditional campaigns — and can increase profitability by up to 50-fold. There has also been a 195 percent global rise in AI-generated IDs used to bypass verification and launch attacks.
“This is a pivotal moment for African business leaders,” Varma warned. “Familiar tools can be turned against us. Early signs like credential theft must be treated as indicators of larger breaches.”
Microsoft’s Secure Future Initiative — its largest cybersecurity engineering program — is helping African organisations strengthen resilience by integrating AI-driven defense systems and more secure product design frameworks.
Sign up for free AllAfrica Newsletters
Get the latest in African news delivered straight to your inbox
Success!
Almost finished…
We need to confirm your email address.
To complete the process, please follow the instructions in the email we just sent you.
Error!
There was a problem processing your submission. Please try again later.
The tech giant urged African companies and governments to invest in modern, adaptive cybersecurity strategies to counter the continent’s evolving digital threat landscape.
